Skip to main content

tv   Actor Matt Dillon Remarks on Myanmars Rohingya Refugees  CSPAN  September 3, 2015 4:05pm-4:56pm EDT

4:05 pm
or five years, between then and 2006, when it was ultimately authorized, there was a very healthy debate about the need for these authorities and the use of these authorities by the executive branch, and the historical pendulum had swung from being very aggressive post 9/11, which is the case post crisis, the political environment post crisis, to one that was a healthy skepticism. what you saw is not a denial of the authorities that were being debated, 215 and national security and the like, but rather additional safe guards, ig reviews, this kind of thing. i think that's what we'll see here. most of the authorities being debated now are going to survive, i think, in that kind of fashion. the one outlier, is the encryption us. i say it's an outlier, because it doesn't fit that parra dime so well. if you read the literature, what i see in the papers, it seems to be a binary choice.
4:06 pm
you either can encrypt over can't encrypt. and that's going to be a tough one. the executive branch is making a strong stand on that, that that would be terribly detrimental to national security and law enforcement, if there's a large category of content that's beyond the reach of government content surveillance. and so that one's a little tougher. because of its binary nature. also because industry has really, at least some large part of the activity, the communications technology industry has dug in pretty hard on it. so that's going to be an interesting debate to see and that's a high-stakes debate. >> great, thank you for that. and thank you for flagging a series of issues in congress that some of your colleagues have mentioned as well which involve access to data by law enforcement and private companies, to questions of encryption and we'll delve into all of that. but that makes it 3-1 against the constitutionality of the
4:07 pm
24/7 drone surveillance and just to sum up the discussion that i've heard. david said that the supreme court in the katz case said, the question is, is there an expectation of privacy in public? greg said that the court in jones said that we do have some expectation of privacy in public. just alito and four other justices said that public surveillance that reveals a great deal of information about us for a month violates our expectations of privacy. jones emphasized there's an important element of trespass in jones where the gps was on the car and justice scalia made that the foundation of his opinion. and maybe four or five justices might think 24/7 drone surveillance crosses a line. although you're worried about the slippery slope and there was
4:08 pm
an interesting exchange, where a month is too long, but a day is okay. so what's the goldilocks magic line? so that leads us back to ahmed in dissent. why do you think 24/7 drone surveillance would be okay, in light of the incredibly purr swaseive arguments that your colleagues made on the other side? >> well, i think in jones, the concurring opinion that greg referred to, alito's concurrence, had more to do with aggregation, than it did with individual collection. and so, again, to what extent is there a drone will iffing yfoll around and that's getting stored somewhere. or is it just following you around and surveilling you in case you pull out a knife, it will zap you with an electroshock? i don't know. in terms of, i just don't see --
4:09 pm
i forget, actually, david, what your argument was. i just don't see the current doctrine not allowing something that is -- it's not the 24/7 that -- that -- that takes the government action past constitutional limitations. in fact, you could probably say the drone is like a cop waiting outside of your house, et cetera. and i limited my answer to the fourth eaamendment. i think the first amendment issues would probably be a bigger deal-breaker for the court. i think the idea of having any machine or camera, or surveillance following you around 24 hours a day, will make you self-censor. in fact, there are studies that show that individuals working in fields like national security, or even cyber security, more recently, journalists that cover
4:10 pm
national security issues, are saying that they feel that they cannot -- they feel chilled in their speech and in their ability to get course information, et cetera. i think a lot of this stuff makes sense in terms of a first amendment argument, but from the fourth amendment perspective, i just don't see privacy in public space -- actually, you were talking about katz, that's correct. and i don't think that -- it wouldn't pass the laugh test to say, i feel like i should have a reasonable expectation of privacy outside, unless the information was being aggregated and processed, unless it was definitely being stored, et cetera. i think you need more than just inspection. >> i see. so, greg, i'm going to ask you to respond. but your view is if the drone is following you and collecting the information, but it's not being broadcast or aggregated, that
4:11 pm
would be okay. but if the drone is following you, 24/7, and it's being broadcast live on the internet, that is a different matter, and that would raise concerns under jones, is that what you're arguing? >> no, i'm thinking if it's aggregated, that would support the alito concurrence and i could take a ride that way. but i look at that more of a potential use of information, of collected information issue rather than just the collection. and once it's been collected, it's sitting around and you use it, essentially you process it and have an outcome. i think that's a due process issue. >> i'm trying to understand. the drone follows me around 24/7 and like a reality show, is just being broadcast on the internet, is that aggregation? does that violate the fourth amendment? >> i think that passes the fourth amendment test. i don't think it passes the first amendment test. i think that's government conduct that chills speech at
4:12 pm
the end of the day. >> greg, your response to this distinction between aggregation and collection? >> i thought, ahmed, when you were talking about aggregation, you were aggregating the drone data with other data not collected by the drone, is that correct? >> yes. well, aggregating it with itself and with other data. in other words, you can have a buffer that only stores three seconds of information at a time in the drone and to the extent it detects any illegal activity, that puts you in the jacobson world. >> this is month-long surveillance broadcast on the internet? >> for the analysis, i'm going to think of aggregation as taking the drone data, adding to it other data and then drawing conclusions from it, versus persisten persistence, which is just taking the drone data for days and days. and my view is that persistence alone is going to be enough to trigger the fourth amendment protection. and i base that view again on
4:13 pm
the jones case and the five justices who seem to think that the trespass didn't really matter, so long as there was persistent surveillance, even though the case went down on trespass grounds. i wanted to flag to folks an interesting discussion we had about this at the privacy law scholars conference on june 24th, 2012, just search on this, from jones to drones, how to define the fourth amendment. >> can't hold back the clever privacy scholars. okay, this was a good discussion. now i want to flip the hypothetical, which is not so hypothetical, and david, ask you, what if google did it? and let me say, it wouldn't be google, it would be facebook, so then it's fine and you can answer it. mark zuckerberg decides i'm going to start a new app, it's going to be called open planet, and i'll collect all of the
4:14 pm
current surveillance camera data in the world and broadcast it live on facebook and also encourage people to broadcast live from their phones, allowing, say, ahmed, to follow me 24/7 with his iphone and broadcast that 24/7 on the internet. he would say, check up on your friends and learn cool stuff and whatever. if that could be done, obviously the fourth amendment does not apply to google and facebook, even though google and facebook arguably have more power over privacy and free speech than any king, or president, or justice, under current statutory law. and you're telling us about the complicated debates in congress. could facebook broadcast on its own, private, 24/7 camera feeds that would allow 24/7 tracking of anyone in the world? >> so i think part of this would depend -- i can't envision a scenario where a large
4:15 pm
technology company would put a product or service out like this without describing what it was doing and having specific privacy protocols behind it. so i would surmise that if such a product, service, application existed, there would be pretty robust controls around the collection and use of that information, and that at the point those representations were made, there would be legal restrictions on the ability of a company to collect and use that information or to make material changes. that's more of a function of the privacy policy itself than it is with respect to statutory law. but i think there are situations too, where ek pa would be implicated to the extent that information is being disclosed to third-parties in ways where the original user hasn't consented to that type of disclosure. so i think there are other statutes that would likely come into play here. but, look, there have been lots -- there's been a lot of
4:16 pm
discussion about whether, you know, whether there ought to be a baseline privacy law, for example, that governs what companies that aren't currently governed by other types of privacy law, whether it be fikra or hipaa, legitimate discussion to have. i do think that it's a separate and distinct discussion from the types of debates that we're having in washington right now, around government surveillance. and i think it's incumbent upon technology companies like google and facebook, when we are venturing into new territories that have new type of privacy implications, that we do give users the control that i think they expect, when there's uncertainty around these types of applications. >> a thoughtful answer. not so hypothetical, in some sense. i was at a wonderful legal futures conference that google sponsored in 2007 and andrew mclaughlin, then chief of public policy, said that he expected in
4:17 pm
a few years, google and facebook would face pressure from the government and from users to advocate public surveillance cameras and broadcast them live. he thought google would choose not to do it. but i want to know, under current law, if facebook chose to do it under current law, would it violate, could someone make the argument that we're all voluntarily turning over our location or camera feeds to third parties when we walk down the street and therefore they can broadcast them to the world without restrictions? >> you took the words right out of my mouth. i think that's a perfectly legitimate argument. especially since there's a lot of signs saying, this area covered by cctv. so if you walk down the street, you've accepted the consequences. i'm not advocating it as the right result, but i think as a
4:18 pm
statutory matter, i haven't gone through this, the cataloguing of statutes that might relate to this, as it relates to a private party, but as a constitutional matter, if it's a nonstate actor and there's a applicable statutory bar, seems like there would be -- >> i've described specifically the movements of congress to address precisely this question, and if they're not afoot, what laws do you think are necessary to prevent mark zuckerberg from this invasion of privacy? >> so i don't think there are bills or statutes that are moving that would address something like that. and i think that there's a significant hole in the extent to which consumers have privacy as against corporate collection of information. but i don't see it being plugged
4:19 pm
in a meaningful way by a baseline privacy statute in the near future. you know, jeff, let me put a twist on your example. maybe you were going there anyway. so all this data is being collected by a company, and then the government says, hey, that would be pretty useful for our investigations. hey, we want the realtime feed, or hey, we want to be able to query the database at will. what controls that right now? and really, we're in murky land, because i don't think that much does. and i think that as privacy advocates, we need to start thinking along the lines that ahmed is talking about, which is not just what protections are there at a collection stage, because often times when a private company is collecting, they won't be there, but at the
4:20 pm
government access stage, when the government says, we want to buy it, or the government says, we just want to act just like every other purchaser of information from this database. >> that's great. so ahmed, greg points to this danger, in addition to the invasion of privacy of facebook broadcasting this data live, the government could also seize it. in your initial thoughts, you drew this parallel between the fourth and first amendment. i love that because it was so brand ician. my hero is justice brand ice. whenever i have a question, i ask, what would wwbd, what would he do? he like you, noted the intersection between fourth amendment protections against virtual searches and first amendment protection for freedom of thought, and he thought it was so important for citizens to
4:21 pm
be able to develop their faculties and form their opinions in order to be immune from government surveillance. i want you to take up this facebook example, although government can buy the feeds, do you think that the 24/7 facebook broadcasting violates current law and if not, what laws would you propose to con strain it? >> so, it doesn't violate current law because you consent out of the fourth amendment. you've provided your consent to google -- sorry -- >> facebook. yeah, google would never do that. >> -- to facebook. i think this is what europeans distinguish as data protection. i think there's a difference between the idea of invading someone's expectation of privacy and in our case, collecting data and i think there's a difference between that and using the data
4:22 pm
for a variety of purposes and whether the user, the one that gave you the data, actually has control over that. that's a distinction i make in my head in terms of a doctrinal sdivtion, not a normative distinction. but i find when you separate those two, it's easier to have a conversation about this stuff. so you've given your consent. the company takes your data. you no longer have a right of privacy, but maybe you ought to have a right to control the data. or a right for your data to be protected. and maybe the government then could get involved and facilitate that or regulate that. but i think another thing that i think greg mentioned is sort of what these companies can do with their analytics. so google -- sorry -- well, google and facebook.
4:23 pm
google can parse through and categorize youtube videos and tell you what all youtube videos have somebody with orange pants and raising their hands. facebook can tell you if somebody's depressed before they're clinically diagnosable with depression. and so when you think about these things from a law enforcement or intelligence perspective, they're very useful tools. so at what point will, at what point will that be purchased or requested or asked for or compelled? that's sort of a prophylactic question that i have generally in my line of thinking about social media. >> david, we're positive google would never broadcast these camera feeds, but google, unlike facebook, is subject to a privacy protection from europe, and that's the right to be forgotten. i won't hide the ball on this.
4:24 pm
i just debated the european privacy commissioner and believe that this represents the biggest clash between american notions of free speech and european notions of privacy in the digital age. why don't you tell us about google's response to the right to be forgotten and other regulatory pressures that it's facing from europe to protect privacy? >> spoiler alert, we lost that case. didn't go so well for us in the european court of justice. i think we're pretty laser focused right now in trying to implement that decision in a responsible way. i don't think -- you know, i don't think it will come as a surprise to anyone to hear that the issues are challenging in terms of trying to figure out when information is, you know, irrelevant, or outdated. in the context of an individual's right to be forgotten, i know that's a term that some europeans take
4:25 pm
exception to, but it's become sort of common in the lex con of this discussion. and i think we're -- this is not -- this is not -- there's no analog to what we are doing right now. i think it's an uncomfortable undertaking in the sense that there's, i think, from the broader public, there's a large international company that is making decisions that are effectively going to determine what is available and accessible on the internet and what's not. it's certainly not a position they think we want to be in. i think from a small democratic perspective, it's not the right result. that said, i think we're trying to figure out how to implement this decision to do it in a responsible way that's reflective not only of the right to free expression in europe, but also the right to free expression here. there have been controversies that have surfaced over whether the right to be forgotten ought to be extended to dotcom. and it's an issue that we're continuing to have discussions
4:26 pm
with the data protection authorities, but that we certainly believe they're a real, sort of philosophical and legal issues around extending the reach of the ruling and an extra territorial way to reach dot dotcom. there are issues where the publishers of websites will receive notice when there are right to be forgotten requests to be processed, or that those who pursue them are successful with, and the extent to which the notices can be specific or whether they can only be general. so can a web master say that what you're seeing here, or can we say, i should say, what you are seeing here in the search results, may not be completely reflective of what's out there, vis-a-vis, or i should say, as opposed to saying, when you search on a specific term, and there's been a right to be forgotten request that's been processed. at that point, you say, some
4:27 pm
search results are not going to appear here. there's been less controversy with the former example than there is with the latter example. but those are examples of the issue we're grappling with. there are serious implications here for the future of free expression. i think there's been some suggestion that -- which hasn't gone very far, but the notion that we ought to think about how we can be effectuate a right to be forgotten in the united states and do so in a way that comports with the first amendment. huge challenge to do that, though. >> there are indeed. we jumped right into this debate. the right to be forgotten gives any user in europe the right to be deleted, any information about them, unless first google and the european privacy commissioner decides that it's not irrelevant, outdated, or is relevant to some public purpose. so if during this panel right
4:28 pm
now, someone is tweeting that i'm a really boring moderator, i could object in europe that this violates my dignitary right and demand this post be deleted from google, not be indexed and google has to decide whether i'm a public figure, whether the tweet is relevant, and if it guesses wrong, it's up for legal fines, but the fines could rise up to two or even more percent of your annual income, which is more than $50 billion. you can have heavy penalties if you guess wrong about this unfair tweet that i'm trying to have removed. >> i think that's at least envisioned under the data protection regulation and the types of fines that might be imposed, that's a possibility. >> don't answer if you don't want to engage or if you haven't followed it, but most americans support some form of a right to be forgotten. is it a good idea, and should congress pass it? >> i can't claim to be an expert
4:29 pm
in this area, but it just seems -- it strikes me as impossible. almost impossible to implement it. and you're right, it flies in the face of the idea that our culture, our political democratic culture has been based on the idea of free dissemination of information and that the marketplace of ideas is nourished by more ideas as opposed to less. so it seems a little bit -- it doesn't really fit with my vision. in terms of your question, is it a good idea. >> any takers, anyone want to argue for it, or all we against? >> there's this great new book called intellectual privacy, and he traced brand ice's evolution, he wrote the article, defending our right to privacy, it allowed
4:30 pm
people to sue if there was true, but embarrassing information that harmed their dignity. he decided free speech in a democracy was more important because people had to decide for themselves what was relevant for public discourse and wrote beautiful free speech opinions about the necessity of favoring free speech over privacy. greg, given the fact that no one is arguing for a right to be forgotten, what is the most important of the pending laws in congress, that you think are necessary to address one big problem that everyone identified, which is this third-party doctrine, the notion that as the courts have said, if i surrender information to a third-party for one purpose, i've abandoned all expectations of privacy in it. you talked about the cell phone search case, but the government might argue, i'm voluntarily surrendering my location information to verizon or at&t, or whoever my carrier is and
4:31 pm
verizon can share it with the government or anyone else. what are the laws pending to address that big problem? >> so, first, david mentioned one key bill that is the bill to require warrants for content stored with third-parties. i agree with david, i think that legislation's time has come. it's got strong support. i'm hopeful it will move this year. there's other legislation, the gps act, that would make it so that government would need a warrant to get information generated by the use of mobile devices like cell phones, whether it's gps information or whether it's cell site location information. whether it's prospective, meaning going forward, or whether it's stored. that legislation isn't as far along and i think we need to have more debate and more hearings about it. complex issues come up. law enforcement does these
4:32 pm
things called cell tower dumps. who was at third and main on the day the bank at that corner was robbed? which phones were there? they get a dump from the cell tower and that lets them know which phones were there. why would they want that? could be thousands of people. because then they ask, well, who was at second and water street on the day the bank there got robbed? and all of a sudden, they look for which numbers were at both locations, because it was the same m.o. at both locations, and then all of a sudden they have their suspect. so, is that going to require a warrant and what would be the standard for that warrant? then there's the one-time ping. it's different to say, where is greg now versus, where was greg at each moment for the last 90 days? i think it's hard to draw that line and so my inclination is to
4:33 pm
say, you need a warrant for location information, period. but others will want to draw that line. so i think that the location legislation isn't as far along. i think it's worthy of consideration, and of more debate. and i'm hopeful that it will move forward after the warrant for content legislation goes through. the other bills that are pending, ken kind of alluded to the section 217 surveillance legislation. my own view is that congress is facing an important decision about whether to continue to permit every phone call, virtually every phone call made to, from, or within the united states. and the congress has forced itself to make a decision for
4:34 pm
that program. so i think that will come up as well. i think those are the biggies. but i don't want folks to miss one other debate, and that is the cyber security legislation. there's legislation pending right now that would allow companies to share what are called cyber threat indicators, that are derived from your communications with the government, not just for cyber security reasons, though. but also, in particular in the senate legislation, also for criminal reasons. a number of criminal statutes could be used to trigger this volunteering of information from providers to the government. i think that's very dangerous. i'm all for cyber security. i think there's a flaw in current law that doesn't allow companies to share what they ought to be able to share, they ought to share. but that the legislation is
4:35 pm
going way overboard in terms of describing and permitting the sharing of that information. >> great, that's very helpful. and let's get the panel's thoughts on the categories of debates you've talked about. first, bulk collection and then the one for content and location information, and then cyber security issues. ahmed, you're counsel for chelsea manning. is a bulk collection ban by congress necessary, or do you believe that bulk collection, as currently practiced by the nsa, violates the fourth amendment as at least one court has held? >> i think a ban is necessary, because -- because i'm on the fence as to whether doctrinally, there's an issue. and in fact, there might not be an issue. so that's why i think a ban is
4:36 pm
necessary for normative reasons. however, the example that we give as to the harm, natural privacy harm that derives from bulk collection, especially 215 collection is a result of the use of the data. again, i think that's -- i distinguish collection and use. >> we saw recently the obama administration had considered ending bulk collection before the snowden revelations. would a ban on bulk collection by congress harm law enforcement and be a bad idea? >> why aren't you answering that one? >> yeah, why aren't you? >> really subtle moderation here. >> look, i'm not sure about the accounts of how it was considered whether or not to end the bulk metadata collection under 215. not surprised it was being considered. i think those programs should always be subject to a cost-benefit analysis.
4:37 pm
but i'll be interested to hear sort of the follow-on reports as people react to that initial report about how serious that consideration was. that does raise an interesting question. i think in the public debate you've got the constitutionality and legality under -- constitutionality, whether that collection fits under 215, whether that's stretching of the term relevance allows for that bulk collection. and then you have the question about utility. the utility of the program. and that's on the executive branch to make that argument. and it's important that they make that argument to congress, that really, this is important. and define this, what core of that authority do they really need? and at some level, i think that argument can be made. because the question then, and i'm going back to my old slippery slope argument, as an advocate for the government, in this situation, i'm sort of doing that. what is bulk collection? it's a broad term. once again, like the 24/7 drone,
4:38 pm
we're talking here about the collection of millions and millions of phone calls, so in sort of a relatively speaking, extreme form of bulk collection, and the question -- the legal question under 215, is it relevant -- every piece of that information relevant to a terrorism investigation, national security investigation, to have all that? the argument is, we need all the telephone numbers in order to see the patterns, the type of thing that greg was talking about in relation to banks in cell tower information. you get all the phone numbers together, you can see this is a bad guy's number here, and he's in touch with this number and that number, and that helps you to potentially unwind a terrorist cell. the question is, oh, yeah, and all those millions of phone numbers, the vast majority are going to be phone calls made by people who have nothing to do with terrorism and are completely innocent. >> well, that's true, and in
4:39 pm
that sort of extreme example, you say, boy, the government's taking hold of all this information, most of which doesn't have a direct connection to terrorism. but then take the scenario to a different level, a smaller level, government hears through some intelligence channel that a terrorist just got on a plane from paris to jfk. you want the government to get the manifest of all the names of the passengers on the plane. 110 passengers on the plane. 109 of them have nothing to do with terrorism. but one does. in order to find out who that person is, you want to run all the names against the database and see if you can identify who the bad guys is before he tries to blow his underwear up or whatever. so just at a practical level, you got to think about what is bulk data collection, it's not just the extreme. there are situations where i think most of us would agree, boy, that's actually the kind of thing we want to be able to do and do quickly and shouldn't require a warrant. >> we have a technical term for
4:40 pm
that, the collection of all the names of everybody on the airplane, along with the terrorist's. it's bulkish collection. [ laughter ] >> so what happens in a case of bulkish collection? right? bulk collection means they're not using an identifier to collect on that specific term. okay? so they're not saying, give me everything -- it's not like a pen register, all the numbers dialled to or from a phone number. it's all of the numbers dialed, all phones. that's bulk collection. so in that scenario, the airplane scenario, the key issue for the privacy folks is, not whether you can get the manifest. it's what happens to all the other names on the manifest that are of no interest? >> that goes back to ahmed's point. which is -- it's the use -- i'm sorry. it's the use of the information and the limitation.
4:41 pm
so not limitation on the collection on the front end, but how it's used. the nsa went to great pains to say there's a limited number of people who can access it, very limited purposes of accessing it, x level of authorities, so that joe nsa operator can't just go in and check to see whether his girlfriend is making phone calls to somebody he doesn't like. >> yeah, but here's the problem. the fbi doesn't have a rule that says they have to throw out that data after they make the match. and that's really where the fight is, or a big part evof th section 215 reform right now. make the match, throw out the data for the people who don't fit the match. you'll save it for a while during the investigation, and making sure that the paris cohort is or is not on the plane, i get that, but at some point, relatively quickly, after that assessment is made, get rid of the data about the innocent
4:42 pm
people. and there's not a good rule about that now. >> david, does google have a position on whether bulk collection should be renewed or banned? >> yes, we do. so we've been strong supporters of the usa freedom act. there were several iterations of that bill last year. it's interesting to hear the discussion. i don't know candidly at the end of the day, from a functional perspective, whether there is that much disagreement in the sense that there's been a lot of discussion around the bulk, you know, metadata program and the broader communications metadata program and the solution that has been offered is to require that the government use a specific selection term. part of the usa freedom act, and part of the ongoing discussions around surveillance reform legislation. i think there's been a lot of discussion about how to get that to the point where it doesn't permit bulk collection, where it doesn't open the door to the types of surveillance that we've
4:43 pm
seen in recent years. and at the same time, gives the government the flexibility, particularly in some of these cases and the hypothetical that can raise, so that where they can't, for example, use a very specific identifier, whether that be an e-mail address or a phone number, that they're able to obtain records, that enable them to identify and/or thwart a terrorist attack. at the same time, to greg's point, the more the debate focuses on the use of that data, i think that heightens the importance of making sure that minimization procedures protect the data for subsequent use. with the usa freedom act, what we saw last year, industry, privacy advocates, the administration, manages to coalesce around what was the right definition to get this, so there was not bulk collection. i would say we don't need to start necessarily from scratch.
4:44 pm
we have a solution that's on the table that works. we have about two months to get it right. and i'm hopeful that we can move forward with that bill. >> so it sounds like the perfect reform, supported by the administration and industry and yet it didn't past last year. why not? and will it past this year? >> so i think a lot of it had to do at least last november, there were some process-based objections about the way the bill came to the floor. it didn't go through committee first. there was an opportunity to pass it in the lame-duck session. and there was the sense from some who felt like it should go through regular order. that opportunity is there now. and i think congress probably should avail itself of that regular order process to the extent that that's important. there were 58 votes in the senate, two short of moving it on the motion to proceed. some of those in the senate
4:45 pm
who's supported that reform are gone. but if you take a look at the numbers, it's difficult from both sides. in the one sense, in the senate, when you have to get to 60 votes, you've got to be able to bring along the other 40 in some way. last year, it was the burden of those who wanted to move that bill. this year, it's the burden of those who may want to simply reauthorize section 215 in its current form. i would submit that's not truly in the realm of reality. you know, i think it's incumbent upon everybody to get around a table and figure this out. we've done it already to an extent with the usa freedom act. what i'm hopeful is that folks can sort of recognize that the types of solutions that are being forged here, are relatively modest ones in the grand scheme. there are broader reforms that have yet to be undertaken. there are really important concerns, i want to underscore, very important concerns outside of the confines of the normal
4:46 pm
fourth amendment issues that we discussed about what types of rights, non-u.s. persons are going to have going forward. the internet is a global medium, it does not have borders. folks who are broad, rightly look at the way our laws operate and the way we operate our surveillance programs and can't seem to fathom why it is that we focus solely on the rights of u.s. persons. that's a really important debate that we're going to have, but i think it's important, really important to get this right here, because it does in some ways frames the term of the debate going forward. >> ken, you talked about how hard it is for congress to scale back powers to the executive once granted. will the usa freedom act pass and should it? >> you know, i -- i'm not a really optimistic that it will pass in the current form, especially given the geopolitical events since last
4:47 pm
year. so i'm not really sure they would trend toward passage, as opposed to the other direction, frankly. >> let's talk about the other direction of bills, warrant for content information, and warrant for geolocation information, will those pass and should they? >> i think on the -- in terms of the content and now this is about the 180-day rule and whether you need to get a warrant to get e-mail content, even if it's over 180 days and hasn't been opened, i think there's a strong movement for that, and i believe actually that the justice department has come out in support of it, hasn't it? i think as a matter of practice, the justice department is getting warrants now as a matter of practice, even though they're not necessarily statutorily obligated to. i think that will less the speed on the geolocation aspect of it,
4:48 pm
or the geolocational legislation, but i could certainly see, especially in the aftermath of the jones decision, that it would stand a fighting chance. >> interesting. greg, do you agree with ken's analysis, and if so, why is it that congress might be more willing to restrict private sector collection of data than to restrict government surveillance? >> i don't see congress actually passing a meaningful bill restricting at large private sector collection of data. the white house has proposed a rather weak consumer bill of rights recently. so i just don't see a strong line going through at least in this congress. now, on the usa freedom issue, i think it's an open question about what -- i think some legislation is going to pass. it almost has to. because it's going to be hard
4:49 pm
for congress to just reauthorize section 215 as it is, and really, jeff, we're in a debate about, to what extent will section 215 be amended to prohibit bulk collection, or to permit it in some circumstances, but more limited? i think that's the debate. i don't think there's going to be a completely binary question on that. and as for ek pa reform, i'm pretty confident that there's enough support now to get it through. and from the government's perspective, all the large providers, virtually all the large providers now, not all of them, but virtually all of them are requiring warrants for content. they're basing that stance on a sixth circuit case called the ror shack case where the court found a warrant is required and no sishit court has gone the
4:50 pm
other way. so all the providers are lined up behind that case in saying, if you want content, you need to come back with a warrant. so what's the big deal with statutitizing it? >> great. want to take up the last big issue on the table, and that is cyber security and encryption, i love the fact that your biography says you're a journalist accused of being a spokesperson for the hackers group. >> that's a client, yes. >> yes. are you in fact the spokesman? >> no, my client, barrett brown, was accused of being a spokesperson. >> i see. >> there's a big misleading. you were the lawyer. so i can still ask you the question. the argument against recent moves by apple and others to encrept data is that it makes it harder for law enforcement to get child molesters and other really serious bad guys, what do you think of those arguments?
4:51 pm
>> well, it certainly makes it more difficult, but i don't think those are good arguments to prevent a maker of technology not to provide secure, efficient, and robust technology to customers. for me, it's really open and shut. but, it's interesting because you've got a lot of different technologies being developed and having dual purposes, for instance, the -- yeah, the notion is somebody mentioned it earlier, vpn's earlier, and the idea of sort of cloaking your online identity or using an nonmiezing technology so the computer on the end point from whatever communications you're making will not know where you're located, won't know your ip address, that's a huge problem for law enforcement. because law enforcement generally likes to go through friendly third parties, like the isp. and so as a result of that, for
4:52 pm
instance, there's been a, or there will be a modification of the federal rules of criminal procedure allowing fbi agents to hack into computers as a mode of search. now, when you apply that to targets, whose location is unknown, almost 90% of those targets are going to be outside of the united states. so now you've got a situation where an fbi agent or a prosecutor with an fbi agent are making an application to a magistrate judge, getting a warrant to conduct a hat, there is a nine out of ten chance that that hack is going to be abroad and it's unilateral, you haven't got consent of that country. and so all the sudden, you've got a magistrate judge and law enforcement engaging in what i would think as foreign relations. so, i guess, i'm telling the story just to sort of underscore the complexity of all these technologies, but also, the fact that law enforcement is not our,
4:53 pm
and should not trump everything. i would also note that this rule 41 modification would be used in general crimes. we're not just limiting it to national security. of course, cyber security is the new national security. and so, when kenneth, the great examples that kenneth gave on stopping a terror attack, those same exact type of scenarios could be presented in the cyber security context because of higher national security as an -- threat than terrorism. i'm wondering, and that is the perfect slippery slope. so you've got a lot more information sharing between private companies and a very big indicator of whatever cyber threat information is, i don't know what it is. and that also being shared by
4:54 pm
the government, and at the sam time, you're trying to protect for certain use of that information sharing, such as anti-trust violation for instance. so a great deal of that has to happen at a black box. where nobody can really be exposed to it. some would argue that would make it private as well on the form of human exposure. all to say that we've got more information being exchanged or shared, and analytics being conducted on that information. and then outcomes that are pretty opaque to the naked eye. and for me, again, i think that's, it's not just a privacy issue. it's also a a chilling of speech issue, but really a due process issue on the end. >> nice to draw those connections. david, does google have a position, first of all, what's google's reactions to apple's decision to encrypt, and what's
4:55 pm
its position on the cyber security bills? >> thanks, yeah, you know, so we, we are very much too sort of moving toward the result of encrypting devices in the same way we've encountered issues with the performance devices that run on the android operating system. it's a -- android operating system as many of you because apple has a soup to nuts organization. we work with different origin and equipment manufacturers, we're very much sort of heading in that direction. you know, i think just to take a step back, there was a tendency to view the movement toward and to end encryption as necessarily responsive to the snowden revelations. i think that oversimplifies the debate, at least visa google, we've been working on various forms of encryption, whether that's sort of encryption and transit from the browser to google, and now obviously and to end encryption, but we were working on

35 Views

info Stream Only

Uploaded by TV Archive on